<?php
include ("include.php");


$title = "&#272;&#259;ng nh&#7853;p t&agrave;i kho&#7843;n";

$langid = $HTTP_GET_VARS["langid"];
$langid = getNumber($langid);

//Layout
$layout_file = $arr_layout["sub"];
include("html_layout.php");

if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'process')) {
	$username = $HTTP_POST_VARS["username"];
	$password = $HTTP_POST_VARS["password"];
	//echo "username: $username - password: $password<br>";
	//kiem tra user & password
	$arr_users = $thanhvien->check_username($username);
	if(count($arr_users) < 1){//kiem tra username
		$login_fail = 1;
		$login_msg = "T&ecirc;n &#273;&#259;ng nh&#7853;p kh&ocirc;ng t&#7891;n t&#7841;i";
	}else{//kiem tra trang thai
		if ($arr_users['trangthai'] == 0){
				$login_fail = 1;
				$login_msg = "T&agrave;i kho&#7843;n c&#7911;a b&#7841;n kh&ocirc;ng ho&#7841;t &#273;&#7897;ng";				
		}else{//kiem tra password
			if (!tep_validate_password($password, $arr_users['password'])) {
				$login_fail = 1;
				$login_msg = "M&#7853;t kh&#7849;u kh&ocirc;ng &#273;&uacute;ng";	
			}
		}
	}
	
	if (!$login_fail){
		$arr_user_login = array();
		$arr_user_login['user_id'] = $arr_users['id'];
		$arr_user_login['user_name'] = $arr_users['username'];
		$arr_user_login['user_level'] = $arr_users['level'];
		
		session_unregister('session_user_login');	$session_user_login = $arr_user_login;	session_register('session_user_login');
		
		//update tien
		$thanhvien->reset_tien();
		
		//*
		echo "<script>document.location='".WEBSITE_URL_DEFAULT."'</script>";
		//*/
	}
	
}else{
	if ($HTTP_GET_VARS['action'] == 'logout'){
		session_unregister('session_user_login');
		echo "<script>document.location='".WEBSITE_URL_DEFAULT."'</script>";		
	}
}


$str_content = $thanhvien->FormLogin();
$str_htm = ereg_replace("@noidung@",$str_content, $str_htm);
if($login_msg != ""){
	$login_msg = "<br/>".$login_msg;
}
$str_htm = ereg_replace("<!--login_msg-->",$login_msg, $str_htm);


include ("include_2.php");

print $str_htm;
?>